1. Field of the Invention
The present invention relates to communication systems, in particular, to data packet security using anti-replay protection.
2. Description of the Related Art
Internet Protocol Security (IPsec) is a set of protocols for securing Internet Protocol (IP) communications by authenticating and encrypting IP packets in a data stream. IPsec includes protocols for establishing mutual authentication and negotiation of cryptographic keys, which might protect data flows between two or more host devices (e.g., computers or servers), between a pair of security gateways (e.g., routers or firewalls), or between a security gateway and a host device. The IPsec protocol is officially specified by the Internet Engineering Task Force (IETF) in a series of Requests for Comment (RFC). For example, IETF RFC 2402 (1998) defines anti-replay protection for the IP Authentication Header protocol, which secures IP data flows against a security breach by an adversary inserting or replaying packets in the data flow. IETF RFC 2401 (1998) and IETF RFC 4303 (2005) further describe general anti-replay steps for IPsec. RFC 2401 specifies the base architecture for IPsec compliant systems, and RFC 4303 describes a specific protocol, the Encapsulating Security Payload (ESP) protocol, which provides an anti-replay service. Although generally described herein in relation to the IPsec protocol, other network protocol standards, such as Secure Real-time Transport Protocol (SRTP), Transport Layer Security (TLS) and Secure Sockets Layer (SSL), also define similar anti-replay protection.
In general, as described in RFC 2402, IPsec authentication provides anti-replay protection by assigning a unique sequence number to each encrypted packet. In the IPsec protocol, the sequence number is, for example, a 64-bit number. Security association (“SA”) anti-replay is a security service in which a receiving device can reject old or duplicate packets to protect itself against replay attacks. The transmitting device assigns a sequence number to each packet in a data stream in monotonically increasing order. In a packet-switched network, individual packets of a sequence of packets in the same data stream might take different paths between the transmitting device and the receiving device and, thus, packets might not arrive in the same order in which they were transmitted. Therefore, the receiving device tracks sequence numbers that it has received, and discards packets with a repeated sequence number. Only the first packet received with a specific sequence number will be accepted. Since the sequence number is permitted to be a large number (e.g., 64 bits), the receiver does not track all the sequence numbers it has received; instead, it tracks only those sequence numbers that are within a sliding anti-replay window.
For example, a “position” of the sliding anti-replay window is determined based on the highest sequence number, X, that the receiving device has received. If N is the anti-replay window width, the receiving device will track whether it has received packets having sequence numbers from a low value of X−(N−1) through a high value of X, thus defining the anti-replay window between X−(N−1) and X. Any packet with a sequence number value less than X−(N−1) is discarded. The “position” of the window slides as the value of X changes as packets are received having higher sequence numbers. Common values of N are 32 and 64, although some devices support up to 1024.
Anti-replay windows for internet security protocols are commonly implemented using a bitmap. As packets are received, the receiver may check a bitmap to determine if the sequence number has already been received. In some cases, a bit shift operation may be used to slide the contents of the anti-replay window when higher sequence numbers are received. In other cases, circular bit manipulation implements anti-replay detection to effectively shift the bits of a large bitmap. For example, a receiver utilizing circular bit manipulation may receive a sequence number greater than X, and may respond by changing the beginning and end points of the sequence number bitmap, rather than sliding the entire anti-replay window. Circular manipulation of the anti-replay window might increase system throughput for large anti-replay windows.
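As an added illustration, not part of the patent text, the following C code implements the bitmap sliding window described above for N = 64, with the window check separated from the window update so that the update is applied only after the packet has been authenticated (the names replay_window_t, replay_check, replay_update and replay_accept are chosen here and are not from the specification):

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define WINDOW_N 64   /* anti-replay window width N; the bitmap is one 64-bit word */

typedef struct {
    uint64_t highest;   /* X: highest sequence number accepted so far */
    uint64_t bitmap;    /* bit i set => sequence number X - i has been accepted */
    bool     started;   /* false until the first packet has been accepted */
} replay_window_t;

void replay_init(replay_window_t *w) { memset(w, 0, sizeof *w); }

/* Pre-authentication check: seq is acceptable if it is above X, or lies in
 * [X-(N-1), X] and has not been seen. Anything below X-(N-1) is discarded. */
bool replay_check(const replay_window_t *w, uint64_t seq)
{
    if (!w->started || seq > w->highest) return true;
    uint64_t back = w->highest - seq;
    if (back >= WINDOW_N) return false;            /* older than the window */
    return (w->bitmap & (1ULL << back)) == 0;      /* duplicate if bit set */
}

/* Post-authentication update: slide the window if seq > X, then mark seq. */
void replay_update(replay_window_t *w, uint64_t seq)
{
    if (!w->started) {
        w->started = true; w->highest = seq; w->bitmap = 1; return;
    }
    if (seq > w->highest) {
        uint64_t fwd = seq - w->highest;
        /* a jump of N or more leaves no previously tracked number in range */
        w->bitmap = (fwd >= WINDOW_N) ? 0 : (w->bitmap << fwd);
        w->bitmap |= 1;                 /* bit 0 is the new X itself */
        w->highest = seq;
    } else if (w->highest - seq < WINDOW_N) {
        w->bitmap |= 1ULL << (w->highest - seq);   /* in-window, out of order */
    }
}

/* Check, then update as if the integrity check on the packet had succeeded. */
bool replay_accept(replay_window_t *w, uint64_t seq)
{
    if (!replay_check(w, seq)) return false;
    replay_update(w, seq);
    return true;
}
```

With N = 64 and X = 150, sequence number 87 is the lowest value still inside the window, 86 is rejected as too old, and a jump to 1000 clears the bitmap because nothing previously tracked can still fall within [937, 1000].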
Processing systems commonly perform anti-replay processing checks using software in a host processor or firmware in a network processor. Anti-replay window size may be limited due to processing requirements of anti-replay protection. Decreased anti-replay window size may result in valid packets being discarded because they arrived out of order and with a sequence number outside of the window. Anti-replay functionality may also be implemented in a hardware accelerator. For example, the accelerator may include a register used to store an anti-replay window. The hardware accelerator for sliding windows may also include a barrel shifter to slide the anti-replay window based on a received sequence number.